Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: Pollard's kangaroo ECDLP solver
by
Evillo
on 29/08/2022, 16:01:33 UTC
Quote from: BHWallet on Today at 09:19:17 AM
Quote from: Evillo on August 27, 2022, 11:00:24 PM
Quote from: BHWallet on August 27, 2022, 07:13:31 PM
Quote from: CrunchyF on August 26, 2022, 05:55:01 PM
Quote from: BHWallet on August 26, 2022, 04:14:41 PM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?

You simply got it backwards ..

 One private key does NOT open 2^96 addresses
instead,
 One address can be opened by 2^96 private keys

See the difference?
Yeah I get it thanks. Still the odds of finding one remain almost the same if you scan through 2^255
I wouldn't say that with 100% confidence .. any address that starts with the number "1" (i mean a p2pkh address) is prone to 160 bit range attack using private key cracking tools .. it is well known that this entire first 160 bit range has all addresses (including the 40+ millions with balance) .. this is the problem with hashing public keys .. coz you basically reduced cracking difficulty down from 256 bits to 160 bits .. however, this doesn't mean that bitcoin security got any loopholes .. just watch how only 64 bits are beating the hell out of all crackers trying to solve one address within it .. trying to go through the entire 64 bits, you would have to traverse 18 million trillion private keys .. this number is so huge that the average person never hear it in their lifetime and most likely will not even have to .. getting out of this range and moving up one bit to 65 bit range .. is double that number .. keep doubling on every bit until you reach 160 bits and you would have to crack forty-two septillion private keys .. in case you wonder, one septillion is a number consisting of 26 digits (1 followed by 25 zeros) .. no machine in our world is known to be able to even count this number within any person's lifetime.. in simple words: practically impossible